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REMARKS/ARGUMENTS 

Prior to this Amendment, claims 1-22 were pending in the application. In 
this Amendment, claim 1 is amended to include the limitations of originally 
presented dependent claim 4, which is canceled, to more clearly distinguish the 
method of claim 1 from the art of record. Claim 8 is amended to make it 
dependent from claim 1 and more clearly claim features of the invention. 

Independent claim 10 is amended to Include the limitations of originally 
presented dependent claim 12, which is canceled, to further distinguish the 
method of claim 10 from the cited art. 

Claims 15 and 17 are canceled. 

Independent claim 19 is amended such that the claim is directed to 
computer readable medium having one or more computer readable program 
code devices not shown by the art of record. Specifically, the limitations of 
originally presented dependent claim 22 are added to claim 19, with claim 22 
being canceled. 

Claims 23 and 24 are added to provide protection for additional features 
of the method described in claim 1 that are not shown by the art of record. 

No new matter is added by the claim amendments with support found at 
least in the original claims or by the addition of claims 23 and 24 with support 
found in the paragraph beginning at line 15 on page 12. 

Claims 1-3, 5-11, 13, 14, 16, 18-21, 23, and 24 remain for consideration 
by the Examiner. 

Rejections Under 35 U.S.C. §101 

In the June 21 , 2004 Office Action, claims 19-22 were rejected under 
§101 as being directed to non-statutory subject matter. With this Amendment, 
claim 22 is canceled, and claims 19-21 are amended to address this rejection by 
directing the claims to a computer readable medium with program code devices. 
Claim Objections 

Additionally, in the Office Action, claim 19 was objected to based on an 
informality. Claim 19 is amended to address this informality (i.e., deletion of 
unnecessary phrase "the that"). 
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Rejections Under 35 U.S.C. 5112 

The June 21 , 2004 Office Action rejected claims 7, 8, 15, 17, 19, 20, 21 , 
and 22 under §112, second paragraph as being indefinite. This rejection is 
believed addressed based on the claim amendments and following remarks. 

Claim 7 and 8 were rejected in the Office Action because of contradictory 
claim language. In response, claim 8 is amended to remove its dependency 
from claim 7 (with claim 7 being amended to correct its dependency). 

Claims 15 and 17 are canceled. 

Claims 19, 21, and 22 were rejected based on the phrase "computer code 
devices", and claim 20 due to its dependency from claim 19. Claim 22 is 
canceled, and claims 19 and 21 are amended to use the phrase "computer 
readable program code devices" to clearly claim the subject matter of the 
invention. 

Rejections Under 35 U.S.C, $103 

In the Office Action, claims 1-22 were rejected under §1 03(a) as being 
unpatentable over U.S. Patent No. 6,311,269 ("Luckenbaughf) in view of Lincoln 
D. Stein, "Web Security..." ("Stein") further in view of Marty Hall, "Servlets and 
JSP..." ("Hall") and Bisaillon et al. t "TCP/IP With Windows../ ( ,, Bisaillon n )- 
Claims4, 12, 15, 17, and 22 are canceled. The rejection of the remaining 
pending claims is respectfully traversed based on the claim amendments and the 
following remarks. 

As noted in Applicant's specification in the paragraph beginning at line 30, 
page 1 1, "a significant aspect of the invention" is the ability of the tunnel 
mechanism through the response generator to hide the servers from the 
requesting client. In one embodiment, the response generator is configured to 
"prepare a response that appears to have originated at the host Web server 130 
and/or at the tunnel mechanism 140" and, hence, interaction with the hidden or 
protected servers Is M not visible to the client 110, and specifically, the address or 
location (e.g., URL) of the servers 170, 180 is not provided to the client 1 10 to 
enhance the security of the firewall system 100 ." The paragraph beginning at 
line 3 of page 15 provides an example of the standard response passed through 
a typical firewall to a requesting client, and as can be seen, the response 
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provides indication of the responding server. The cited references fail to show a 
tunnel mechanism that modifies the response to hide the responding server from 
the client after access is granted through a firewall. 

Another important function of the tunnel mechanism is provided by the 
response generator, which is described at least in the paragraph beginning at 
line 16, page 1 1 . The response generator also determines if there are any error 
messages "from the interfaces 174, 184 of the servers 170, 180" and if "any error 
message was received in response to the request", the response generator 
determines if the error is readily correctable and if so, invokes appropriate 
objects or software applications to address the error. The cited references also 
fail to show this feature of Applicant's invention. 

More particularly, claim 1 is directed to a method for providing a client with 
selective access to a computer device behind a firewall and a host. The method 
includes receiving with a tunnel mechanism an access request from an external 
client after the access request has already passed through a port in the firewall. 
Further, claim 1 calls for "receiving a response to the access request from the 
computer device and modifying the response prior to transmitting the response 
to the external client to remove identification information for the computer 
device ." Luckenbaugh (and the other references) fail to teach receiving a 
request that has already been filtered by a firewall and also, modifying a 
response from a computer device for which the firewall granted access to 
remove identification information for the computer device. For at least these 
reasons, Luckenbaugh does not suggest the claimed method and claim 1 is 
allowable over this reference. 

The Office Action cites Luckenbaugh for teaching all aspects of claim 1 
except for teaching the modification of the response to remove the identification 
information. Applicant agrees that Luckenbaugh fails to teach modifying the 
response after access is granted to a protected device. In col. 5, lines 14-65, 
Luckenbaugh teaches its method of using cookies to determine whether access 
to a device should be provided to a requesting client and returning results when 
access is granted. There is no discussion here or elsewhere of modifying the 
response to "remove identification information for the computer device." The 
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Office Action at the top of page 7 asserts that this feature of the invention would 
have been obvious "in order to minimize the threat of accessing secure HTML by 
an external client directly." 

However, Luckenbaugh specifically teaches the use of cookies and a CGI 
to protect secure HTML, and provides no motivation to further modify its system 
for added security. Further, Applicant disagrees that this would have been 
obvious to those in the art with no suggestion of modifying the response in this 
manner was known to Applicant prior to his invention and such a technique is not 
shown in any of the art of record, (see, for example, Stein which is specifically 
addressing web security). Hence, Luckenbaugh fails to support a rejection of 
claim 1 . 

Bisaillon is cited for teaching a TCP header "contains" internal device 
identification information, but then states in a conclusory manner that it would be 
obvious to remove this information "in order to minimize the threat of accessing a 
secure HTML by an external client directly." Neither Luckenbaugh nor Bisaillon 
provide any direct teaching of removing the information and Instead when taken 
together teach that the response would "contain" such information and that the 
CGI and cookies are used to provide security. Because Bisaillon fails to 
overcome the deficiencies of Luckenbaugh, claim 1 is allowable over the 
combined teaching of these two references. 

Additionally, Luckenbaugh fails to teach that the tunnel mechanism 
receives requests from clients after they have been filtered by a firewall. 
Apparently, the use of the CGI and the security cookies of Luckenbaugh are 
used to provide the functions of the firewall. Stein teaches firewall usage but 
provides no motivation to combine the use of a firewall with the teaching of other 
security measures, such as that of Luckenbaugh. The only motivation for 
combining the two references appears to come from Applicant's specification. 
For this additional reason, claim 1 is allowable over this reference taken alone or 
in combination with the other references. 

Claims 2, 3, and 5-9 depend from claim 1 and are believed allowable at 
least for the reasons for allowing claim 1 . Further, claim 8 calls for examining 
the response for an error message and operating the tunnel mechanism to take 
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corrective actions to remove the error message. The Office Action on page 7 
indicates that Luckenbaugh teaches this element with objects 313, 314 of Figure 
3A. However, at this citation, Luckenbaugh Is teaching processing a request for 
a cookie and if none is found, indicating an error to the requesting device. There 
is no teaching of finding an error in a "response" and correcting the error prior to 
transmitting the response. For this additional reason, claim 8 is believed 
allowable over Luckenbaugh when combined with the other references. 

Independent claim 10 is directed to a method similar to claim 1 and the 
reasons for allowing claim 1 are believed equally applicable to claim 10. Further, 
claim 10 calls for the identification removed to include "URL information for the 
internal device and the response modifying includes replacing the internal URL 
information with URL information for the tunnel mechanism." As discussed 
above, Luckenbaugh and the other references fail to teach modifying a response 
to remove the identification information for an internal network device. Further, 
the Office Action provides no specific citation for or any reason for finding the 
"replacing the internal URL information with URL information for the tunnel 
mechanism" taught or suggested by the references. Luckenbaugh does not 
teach providing URL information for the CGI to the external client and Applicant 
could find no relevant teaching in the other references. Because a prima facie 
case of obviousness presented by the Office Action and the references fail to 
teach or suggest the method of claim 10, the rejection of claim 10 should be 
withdrawn. Claims 11,13, and 14 depend from claim 10 and are believed 
allowable as depending from an allowable base claim. 

Independent claim 16 is directed to a system with limitations similar to 
those of claim 1 provided in apparatus format. Hence, the reasons provided for 
allowing claim 1 are applicable to claim 16. Claim 18 depends from claim 16 and 
is believed allowable as depending from an allowable base claim. 

Independent claim 19 is directed to a computer readable medium with 
computer readable program code devices to cause a computer to "translate error 
messages in the received response, to take response actions to the error 
messages, and to include unresolved ones of the translated error messages in 
the modified response." As discussed with reference to claim 8, Luckenbaugh 
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and the other cited references fail to teach identifying error messages in a 
"response" and taking corrective responses, instead, Luckenbaugh merely 
teaches identifying "requests* that fail to include cookie values. The cited 
references fail to teach or suggest every element of claim 19 and hence, the 
rejection of claim 19 and claims 20 and 21 which depend from claim 19 is not 
proper and should be withdrawn. Further, claim 21 includes limitations similar to 
claim 1 and is believed allowable for the reasons provided for allowing claim 1. 

Additionally, the Office Action rejected claims 1-4, 9, 16, and 18-22 under 
§1 03(a) as being unpatentable over U.S. Patent No. 6,457,061 ("Bal") in view of 
Stein in light of Harry Newton, "Newton's Telecom Dictionary" ("Newton") and 
U S. Patent No. 5,815,571 ("Finley"). The rejection of the claims is traversed 
based on the following remarks. 

The Office Action fails to make out a prima facie case of obviousness 
based on these references because there are no citations to the references for 
teaching modifying the response to remove identification of the protected 
computer device or for correcting errors in a response from the protected device. 
Applicant's review of Bal, Newton, and Finley also failed to find a teaching or 
suggestion of these elements. Hence, independent claims 1,16, and 19 and 
claims 2, 3, 9, 18, 20, and 21, which depend therefrom, are believed in condition 
for allowance over this combination of references. 

Further, the Office Action rejected claims 7 and 8 under §1 03(a) as being 
unpatentable over Bal in view of U.S. Patent No. 6,526,524 ("Kelley") and further 
in view of U.S, Patent No. 6,441,927 ("Dow"). Claims 7 and 8 depend from claim 
1 and are believed allowable as depending from an allowable base claim. 
Further, Kelley is cited at col. 30, lines 1 0-30 for teaching the limitation of claim 8 
of resolving the error prior to transmitting the response. However, Kelley merely 
teaches tracking errors and notifying a user regarding errors and provides no 
teaching at this citation of attempting to resolve problems prior to responding. 
For this additional reason, the method of claim 8 is not suggested by this 
combination of references. 

Yet further, the Office Action rejected claims 10-14 as being unpatentable 
over Bal in light of Newton in view of Stein. Claim 10 calls for modifying the 
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response prior to transmittal to remove the identification Information of the 
internal device and to replace it with URL information for a tunnel mechanism. 
The Office Action provides no citation in any of the references for either of these 
limitations. Additionally, as discussed previously. Applicants could find no 
teaching in Bal, Newton, or Stein of hiding the internal device and certainly, not 
of providing URL information for a tunnel mechanism. For these reasons, this 
combination of references fails to support a rejection under §1 03(a), and 
Applicant respectfully requests that this rejection of claims 10, 11, 13, and 14 be 
withdrawn. 

Additionally, the Office Action rejected claim 19 under §1 03(a) as being 
unpatentable over Bal in light of Newton and in view of Stein. As amended, 
claim 19 calls for computer readable program code devices configured to cause 
a computer to translate error messages in the received response and to take 
response actions to the error messages prior to sending a modified response. 
Bal, as discussed above with reference to claims 7 and 8, fails to teach or 
suggest correcting errors in a response, and Newton and Stein fail to overcome 
this deficiency of Bal. Hence, claim 19 is allowable over the combination of Bal, 
Newton, and Stein. 
Conclusions 

Applicant respectfully requests that a timely Notice of Allowance be 

issued in this case- 
No fee is believed due for this submittal. However, any fee deficiency 

associated with this submittal may be charged to Deposit Account No. 50-1 123. 



Respectfully submitted, 



September 10. 2004 
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